Chapter Handbook/Chapter 2: Mandatory Chapter Rules

This section outlines the “musts” for chapter leaders, or stated differently, these are the bottom line rules required of chapter leaders. The rest of the handbook is composed of best practices and guidance, which are only suggestions for chapter leaders.

Organize free and open meetings

Local chapter meetings must be free for everyone to attend, regardless of whether the attendee is a paid member, and open to anyone.

Hold a minimum of 2 local chapter meetings or events each year

While this is the minimum number of chapter meetings which you need to hold, 4 meetings a year is recommended to maintain an active chapter. There are a variety of meeting “formats” or events that may be used to fulfill this requirement including virtual meetings or even small gatherings to discuss application security. Possibilities for meeting formats and events are discussed more below.

Give official meeting notice through the wiki, chapter mailing list, and OWASP Calendar

Chapter meetings must be posted to the OWASP wiki (on the chapter’s page) and a meeting announcement must be sent out to the OWASP mailing list (i.e. owasp-CHAPTERNAME@lists.owasp.org) to notify the OWASP community of each upcoming meeting. Also, the meeting must be listed on the OWASP Global Events Calendar.

Abide by OWASP principles and the code of ethics

Protect the privacy of the chapter’s local contacts

The privacy of chapter members and meeting attendees should be protected at all times. You should not disclose names, email addresses, or other identifying information about OWASP members or meeting attendees. Only aggregate statistics can be referenced. If a meeting sponsor is utilized that organization might consider doing a raffle in exchange for business cards.

Maintain vendor neutrality (act independently)

In order to preserve OWASP’s non-profit status and open, non-commercial principles it is important that no commercially-oriented “sales pitch” talks are given at OWASP events, be it chapter meetings or conferences. Such talks are not only against OWASP principles, they also blur the line between OWASP and commercial entities, thus diluting the OWASP brand name and agnostic status globally.

Spend any chapter funds in accordance with the OWASP goals, code of ethics, and principles

Chapter Oversight

OWASP Chapters and Chapter Leaders are overseen by the Global Chapters Committee and, ultimately, the Global OWASP Board. If the Global Chapters Committee or Global OWASP Board determines that an OWASP Chapter Leader has not complied with these rules, their status as an OWASP Chapter Leader may be revoked. Additionally, OWASP administrative access (including the leader’s owasp.org email address) may be immediately revoked.